Towards a systematic threat modeling approach for cyber-physical systems

Martins, Gonçalo; Bhatia, Sajal; Koutsoukos, Xenofon; Stouffer, Keith; Tang, CheeYee; Candell, Richard

doi:10.1109/rweek.2015.7287428

Cited by 22 publications

(21 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…These vulnerability metrics or scores combined with a process to identify relevant threats can guide defenders in targeting and prioritising solutions. A number of studies has identified that the analysis of vulnerability/threat combination remains a manual process [ 16 , 26 , 27 , 28 ].…”

Section: Vulnerabilities Attacks and Threatsmentioning

confidence: 99%

“…In a study by Martins, et al. [ 16 ], it was identified that there is limited tools available assist with methodically analysing CPS threats. The scarcity of these tools is due to the diverse features of a CPS.…”

Section: Cyber Threat Intelligencementioning

confidence: 99%

“…A common theme in the reviewed papers were the 4 aspects to Cyber Threat Intelligence (CTI) ( Figure 3 ) [ 15 ], Centric based TM (Figures 2 , 4 , and 5 ) [ 16 , 17 ], and types of TM (Figures 6 , 7 , and 8 ) [ 16 , 18 , 19 ]. An axis and quadrant style representation encouraged by ENISA [ 15 ] was used for our study's original figures, including a the recreation of their representation of the CTI program ( Figure 3 ).…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

A review of threat modelling approaches for APT-style attacks

Tatam

Shanmugam

Azam

et al. 2021

Heliyon

View full text Add to dashboard Cite

Section: Vulnerabilities Attacks and Threatsmentioning

confidence: 99%

Section: Cyber Threat Intelligencementioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A review of threat modelling approaches for APT-style attacks

Tatam

Shanmugam

Azam

et al. 2021

Heliyon

View full text Add to dashboard Cite

“…Attack tree based approach and stochastic model based approach are two main threat modeling method [10]. In tree modeling approach, the root node representing the attack goal and leaf nodes representing the ways of achieving the attack goal.…”

Section: Related Workmentioning

confidence: 99%

A novel SMP-based survivability evaluation metric and approach in wireless sensor network

Chen

Zhuang

Shan³

et al. 2019

COMSIS J

View full text Add to dashboard Cite

In Industrial Internet of Things (IIoT) device and network, wireless sensor network (WSN) is an important component.Routing protocol is the critical component of WSN. As the WSN may be attacked by all kinds of intruders, the survivability of WSN is important to IIoT security. To precisely evaluate the systematic survivability ability under external attack and internal security mechanism,a novel survivability entropy-based quantitative evaluation metric is proposed to calculate the systematic survivability ability of WSN routing protocol. Numerical analysis and simulation experiments are combined to precisely calculate the survivability entropy metric.To validate the evaluation approach, NS2 (Network simulator) is used to simulate the DoS attack and security mechanism in WSN. Experimental results show that the novel survivability evaluation metric and method can precisely evaluate the systematic survivability ability of WSN.

show abstract

“…To identify threats and threat scenarios for a system different models can be used. A threat model is a structured approach that allows a systematic identification and rating of security related threats that are likely to affect the system under consideration [57]. In general, threat modeling approaches can be categorized into three different groups: systemcentric, asset-centric, and attacker-centric approaches [56] with main emphasis being on the system architecture, assets, and threat agents, respectively.…”

Section: Threats Threat Agents and Threat Modelingmentioning

confidence: 99%

Smart connected homes : concepts, risks, and challenges

Bugeja¹

View full text Add to dashboard Cite

The growth and presence of heterogeneous connected devices inside the home have the potential to provide increased efficiency and quality of life to the residents. Simultaneously, these devices tend to be Internet-connected and continuously monitor, collect, and transmit data about the residents and their daily lifestyle activities. Such data can be of a sensitive nature, such as camera feeds, voice commands, physiological data, and more. This data allows for the implementation of services, personalization support, and benefits offered by smart home technologies. Alas, there has been a rift of security and privacy attacks on connected home devices that compromise the security, safety, and privacy of the occupants. In this thesis, we provide a comprehensive description of the smart connected home ecosystem in terms of its assets, architecture, functionality, and capabilities. Especially, we focus on the data being collected by smart home devices. Such description and organization are necessary as a precursor to perform a rigorous security and privacy analysis of the smart home. Additionally, we seek to identify threat agents, risks, challenges, and propose some mitigation approaches suitable for home environments. Identifying these is core to characterize what is at stake, and to gain insights into what is required to build more robust, resilient, secure, and privacy-preserving smart home systems. Overall, we propose new concepts, models, and methods serving as a foundation for conducting deeper research work in particular linked to smart connected homes. In particular, we propose a taxonomy of devices; classification of data collected by smart connected homes; threat agent model for the smart connected home; and identify challenges, risks, and propose some mitigation approaches.

show abstract

Towards a systematic threat modeling approach for cyber-physical systems

Cited by 22 publications

References 10 publications

A review of threat modelling approaches for APT-style attacks

A review of threat modelling approaches for APT-style attacks

A novel SMP-based survivability evaluation metric and approach in wireless sensor network

Smart connected homes : concepts, risks, and challenges

Contact Info

Product

Resources

About